google.cloud.gcp_alloydb_instance module – Creates a GCP Alloydb.Instance resource
Note
This module is part of the google.cloud collection (version 1.10.2).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install google.cloud.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: google.cloud.gcp_alloydb_instance.
Synopsis
A managed alloydb cluster instance.
Requirements
The below requirements are needed on the host that executes this module.
python >= 3.8
requests >= 2.18.4
google-auth >= 2.25.1
Parameters
Parameter |
Comments |
|---|---|
The access token used to authenticate. |
|
‘Specifies whether an instance needs to spin up. Once the instance is active, the activation policy can be updated to the `NEVER` to stop the instance. Likewise, the activation policy can be updated to `ALWAYS` to start the instance. There are restrictions around when an instance can/cannot be activated (for example, a read pool instance should be stopped before stopping primary etc.). Please refer to the API documentation for more details. Possible values are: `ACTIVATION_POLICY_UNSPECIFIED`, `ALWAYS`, `NEVER`.’. Choices:
|
|
Annotations to allow client tools to store small amount of arbitrary data. This is distinct from labels. |
|
The type of credential used. Choices:
|
|
‘Availability type of an Instance. Defaults to REGIONAL for both primary and read instances. Note that primary and read instances can have different availability types. Primary instances can be either ZONAL or REGIONAL. Read Pool instances can also be either ZONAL or REGIONAL. Read pools of size 1 can only have zonal availability. Read pools with a node count of 2 or more can have regional availability (nodes are present in 2 or more zones in a region). Possible values are: `AVAILABILITY_TYPE_UNSPECIFIED`, `ZONAL`, `REGIONAL`.’. Choices:
|
|
Client connection specific configurations. |
|
Configuration to enforce connectors only (ex: AuthProxy) connections to the database. Choices:
|
|
SSL config option for this instance. |
|
SSL mode. Specifies client-server SSL/TLS connection behavior. Choices:
|
|
Identifies the alloydb cluster. Must be in the format ‘projects/{project}/locations/{location}/clusters/{cluster_id}’. This field is a reference to a Cluster resource in GCP. It can be specified in two ways: First, you can place a dictionary with key ‘name’ matching your resource. Alternatively, you can add `register: name-of-resource` to a Cluster task and then set this field to `{{ name-of-resource }}`. |
|
Database flags. Set at instance level. * They are copied from primary instance on read instance creation. * Read instances can set new or override existing flags that are relevant for reads, e.g. for enabling columnar cache on a read instance. Flags set on read instance may or may not be present on primary. |
|
User-settable and human-readable display name for the Instance. |
|
Specifies which Ansible environment you’re running this module within. This should not be set unless you know what you’re doing. This only alters the User Agent string for any API requests. |
|
The Compute Engine zone that the instance should serve from, per https://cloud.google.com/compute/docs/regions-zones This can ONLY be specified for ZONAL instances. If present for a REGIONAL instance, an error will be thrown. If this is absent for a ZONAL instance, instance is created in a random zone with available capacity. |
|
The ID of the alloydb instance. |
|
The type of the instance. If the instance type is SECONDARY, point to the cluster_type of the associated secondary cluster instead of mentioning SECONDARY. Choices:
|
|
User-defined labels for the alloydb instance. |
|
Configurations for the machines that host the underlying database engine. |
|
The number of CPU’s in the VM instance. |
|
Machine type of the VM instance. E.g. “n2-highmem-4”, “n2-highmem-8”, “c4a-highmem-4-lssd”. `cpu_count` must match the number of vCPUs in the machine type. |
|
Instance level network configuration. |
|
A list of external networks authorized to access this instance. This field is only allowed to be set when `enable_public_ip` is set to true. |
|
CIDR range for one authorized network of the instance. |
|
Enabling outbound public ip for the instance. Choices:
|
|
Enabling public ip for the instance. If a user wishes to disable this, please also clear the list of the authorized external networks set on the same instance. Choices:
|
|
Configuration for enhanced query insights. |
|
Whether assistive experiences are enabled for this AlloyDB instance. Choices:
|
|
Observability feature status for an instance. Choices:
|
|
Query string length. The default value is 10240. Any integer between 1024 and 100000 is considered valid. |
|
Preserve comments in the query string. Choices:
|
|
Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 200 is considered valid. |
|
Record application tags for an instance. This flag is turned “on” by default. Choices:
|
|
Track actively running queries. If not set, default value is “off”. Choices:
|
|
Record wait event types during query execution for an instance. Choices:
|
|
Record wait events during query execution for an instance. Choices:
|
|
The Google Cloud Platform project to use. |
|
Configuration for Private Service Connect (PSC) for the instance. |
|
List of consumer projects that are allowed to create PSC endpoints to service-attachments to this instance. These should be specified as project numbers only. |
|
Configurations for setting up PSC service automation. |
|
The consumer network for the PSC service automation, example: “projects/vpc-host-project/global/networks/default”. The consumer network might be hosted a different project than the consumer project. The API expects the consumer project specified to be the project ID (and not the project number). |
|
The status of the service connection policy. |
|
The consumer project to which the PSC service automation endpoint will be created. The API expects the consumer project to be the project ID( and not the project number). |
|
The IP address of the PSC service automation endpoint. |
|
The status of the PSC service automation connection. |
|
The DNS name of the instance for PSC connectivity. Name convention: <uid>.<uid>.<region>.alloydb-psc.goog. |
|
Configurations for setting up PSC interfaces attached to the instance which are used for outbound connectivity. Currently, AlloyDB supports only 0 or 1 PSC interface. |
|
The network attachment resource created in the consumer project to which the PSC interface will be linked. This is of the format: “projects/${CONSUMER_PROJECT}/regions/${REGION}/networkAttachments/${NETWORK_ATTACHMENT_NAME}”. The network attachment must be in the same region as the instance. |
|
The service attachment created when Private Service Connect (PSC) is enabled for the instance. The name of the resource will be in the format of `projects/<alloydb-tenant-project-number>/regions/<region-name>/serviceAttachments/<service-attachment-name>`. |
|
Configuration for query insights. |
|
Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid. |
|
Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid. |
|
Record application tags for an instance. This flag is turned “on” by default. Choices:
|
|
Record client address for an instance. Client address is PII information. This flag is turned “on” by default. Choices:
|
|
Read pool specific config. If the instance type is READ_POOL, this configuration must be provided. |
|
Read capacity, i.e. number of nodes in a read pool instance. |
|
Array of scopes to be used. |
|
The contents of a Service Account JSON file, either in a dictionary or as a JSON string that represents it. |
|
An optional service account email address if machineaccount is selected and the user does not wish to use the default email. |
|
The path of a Service Account JSON file if serviceaccount is selected as type. |
|
Whether the resource should exist in GCP. Choices:
|
Notes
Note
API Reference: https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.instances/create
AlloyDB Guide: https://cloud.google.com/alloydb/docs/
For authentication, you can set auth_kind using the
GCP_AUTH_KINDenv variable.For authentication, you can set service_account_file using the
GCP_SERVICE_ACCOUNT_FILEenv variable.For authentication, you can set service_account_contents using the
GCP_SERVICE_ACCOUNT_CONTENTSenv variable.For authentication, you can set service_account_email using the
GCP_SERVICE_ACCOUNT_EMAILenv variable.For authentication, you can set access_token using the
GCP_ACCESS_TOKENenv variable.For authentication, you can set scopes using the
GCP_SCOPESenv variable.Environment variables values will only be used if the playbook values are not set.
The
service_account_email,service_account_file,service_account_fileandaccess_tokenoptions are mutually exclusive.
Examples
- name: Create a basic primary alloydb instance
google.cloud.gcp_alloydb_instance:
instance_id: "{{ resource_name }}"
state: present
location: us-central1
instance_type: PRIMARY
cluster:
name: "projects/{{ gcp_project_number }}/locations/us-central1/clusters/{{ resource_name }}-cluster"
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
Whether the resource was changed. Returned: always |
|
Time the Instance was created in UTC. Returned: success |
|
The IP address for the Instance. This is the connection endpoint for an end-user application. Returned: success |
|
The name of the instance resource. Returned: success |
|
The outbound public IP addresses for the instance. This is available ONLY when networkConfig.enableOutboundPublicIp is set to true. These IP addresses are used for outbound connections. Returned: success |
|
The public IP addresses for the Instance. This is available ONLY when networkConfig.enablePublicIp is set to true. This is the connection endpoint for an end-user application. Returned: success |
|
Set to true if the current state of Instance does not match the user’s intended state, and the service is actively updating the resource to reconcile them. This can happen due to user-triggered updates or system actions like failover or maintenance. Returned: success |
|
The current state of the alloydb instance. Returned: success |
|
The system-generated UID of the resource. Returned: success |
|
Time the Instance was updated in UTC. Returned: success |